All editions · Policymaker Edition
Your Community, Your AI — CC BY 4.0Big Tech AI and the Sovereignty Question
Two Different Questions
There are two distinct questions bundled inside the word "sovereignty" when it is used about AI, and a policymaker who keeps them apart will speak about the subject far more clearly than one who does not.
The first is about whose patterns a system carries — the cultural and commercial defaults it absorbed from its training. The second is about whose law reaches it — where the system runs, who controls the company that operates it, and which state can compel that company to act. The first is a question of quality and fit. The second is a question of state. This article is mostly about the second, because it is the one most often confused, and the one where policy has the greatest purchase. (Any unfamiliar term in this series is defined in plain language in the glossary.)
The Structural Difference
Start with the first question, briefly, because it sets up the second.
A system trained on the open internet — marketing copy, social media, encyclopaedia entries, corporate discourse — is articulate and broadly informed, but its defaults are shaped by what the internet over-represents: English-language content, commercial framing, individualistic assumptions, and the operating culture of the technology industry. It under-represents civic and municipal language, deliberative democratic practice, public-accountability conventions, and the actual records of any particular country's institutions. This is not a flaw to be prompted away; it is structural, because the system's character is set by its training, and its training was the internet.
A system grounded instead in an organisation's — or a country's — own records carries different patterns. It answers from the actual minutes, decisions, and documents it was given, not from a statistical average of the web. For a public body, that difference matters for the quality of the output. But it does not, on its own, answer the harder question — because a system grounded in your records can still run on infrastructure controlled by a company that answers to a foreign state.
The Jurisdiction Problem
Here is the part that belongs squarely in the domain of policy, and that is routinely misunderstood.
Several major legal regimes give a state authority over the data and systems of companies incorporated under its law — wherever in the world that data physically sits. Three are worth naming, not as accusations against any particular vendor but as categories of exposure a legislator should understand:
- The US CLOUD Act (2018) compels US providers to produce data they control in response to lawful US orders, regardless of the country in which the servers are located.
- FISA Section 702 authorises US surveillance of non-US persons through US providers.
- The PRC National Intelligence Law (2017) requires Chinese organisations to support and co-operate with state intelligence work.
These are not exotic edge cases. They are the ordinary operation of law in the jurisdictions where most of the world's frontier AI capacity is built and controlled. And they establish a principle that a policymaker should be able to state in one sentence:
Data access follows corporate control, not physical location.
A data centre inside your borders, operated by a company incorporated abroad, does not put the data beyond the reach of the foreign state whose law governs that company. The building is here; the jurisdiction is not.
There is a second, related exposure that a legislator should hold alongside the first. Access to a capability a public service has come to depend on can be conditioned, restricted, or withdrawn by a foreign authority — through export controls, sanctions, or a change in a company's own terms — without the dependent country's consent. Dependence on a capability you do not control is a strategic exposure whether or not any particular incident ever occurs. The point is structural, and it holds regardless of which supplier is involved.
Data Residency Is Not Data Sovereignty
This is the distinction most worth carrying out of this article, because it is the one most often elided in vendor marketing and, sometimes, in official language.
Data residency is a question of where the servers are. A commitment that data will be stored in-country is a residency commitment.
Data sovereignty is a question of whose authority governs the data — who can compel its disclosure, who sets the rules for its use, who can switch off access to it. Sovereignty requires residency and that the law reaching the data remains domestic.
Residency without sovereignty is a comfortable-sounding half-measure. If a country's sensitive information sits on servers within its borders but under the control of a company a foreign state can lawfully compel, the residency box is ticked and the sovereignty question is untouched. A policymaker who conflates the two will accept assurances that do not deliver what they appear to promise. Keeping the terms distinct is the single most useful discipline in this area.
The Argument Is Supplier-Agnostic
It would be easy to read the previous sections as an argument to prefer one country's suppliers over another's — to swap an American vendor for a European one, or to avoid a Chinese one. That is not the argument, and a policymaker who frames it that way will get the policy wrong.
Every major supplier is incorporated under some state's law, and every such state has, or can pass, instruments comparable to the ones named above. The exposure is not a property of a particular flag; it is a property of depending on a capability whose control sits under a jurisdiction other than your own. Swapping foreign supplier A for foreign supplier B changes which state has the reach. It does not change the fact that the reach is foreign.
So the useful policy question is not which foreign supplier do we trust? It is how do we keep custody and control at home? — and that is a question about architecture and procurement, not about vendor loyalty. It can be answered with rules that any supplier is free to meet: tests for where a model actually runs and whose law reaches it; requirements that sensitive data and its derivatives stay within domestic legal reach; and standards for records that let a public body reconstruct what an AI system did, independently of the vendor that supplied it. None of that names a favoured company. All of it keeps the decision where it belongs — with the country, not the vendor.
For a small economy, this framing is also the affordable one. Owning the chips, the data centres, and the frontier models outright is out of reach. Keeping authority, custody, and control over records and decisions is not — it is largely a matter of rules and standards, and it is available to any government willing to write them. Article 5 sets out what those rules could look like, drawn as a menu rather than a prescription.
Where This Leaves the Legislator
The sovereignty question is not resolved by asking whether an AI system is powerful, or even by asking whether it is accurate. It is resolved by asking three plainer questions, each of which a policymaker can put to any proposal without needing a technical background:
- Where does the system actually run, and whose law reaches the company that controls it?
- Do our sensitive data — and anything derived from them — stay within our own legal reach?
- If access were restricted tomorrow by a decision made in another jurisdiction, what would we be unable to do?
A system that answers these well may be narrower than the largest commercial offering. For a matter of state, that is the right trade. Raw capability that a country cannot account for, and cannot rely on keeping, is worth less to it than a capability — even a more modest one — that stays under its own authority when the pressure comes.
The next article turns from where AI is governed to how — and to the reason that voluntary principles, however well drafted, are not by themselves enough.
Want to use AI tools like these well, and safely? Our free courses — Working with Claude and Agents at Work — teach the practical skills, from getting trustworthy answers to deciding what to hand an agent. For the full technical architecture behind Village AI, see Village AI — Agentic Governance.
Useful? Share this article, or show a QR code to scan.